CVE-2023-22574

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and...

CVE-2023-22575

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges...

CVE-2023-22573

Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure...

CVE-2023-22575

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges...

Information disclosure

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and...

Information disclosure

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges...

CVE-2023-22575

Dell PowerScale OneFS versions 9.0.0.x–9.4.0.x are affected by a log file information disclosure vulnerability in the celog component. The root cause is insertion of sensitive data into log files, which could be exploited by a low-privilege user to cause information disclosure and escalate privil...

CVE-2023-22575

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges...

CVE-2023-22572

Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover...

CVE-2023-22574

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and...

CVE-2023-22572

Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover...

CVE-2023-22572

Dell PowerScale OneFS is affected (versions 9.1.0.x–9.4.0.x). The issue is that the change password API can insert sensitive information into log files, enabling a low-privilege local attacker to potentially take over the system. Affected component: change password API; root cause: sensitive data...

AKINDO SUSHIRO 日志信息泄露漏洞

AKINDO SUSHIRO 寿司郎 is a sushi take-out software from the Japanese company AKINDO SUSHIRO. A security vulnerability exists in AKINDO SUSHIRO that originates from exporting sensitive information to a log file...

JVN#84642320: SUSHIRO App for Android outputs sensitive information to the log file

SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file CWE-532. Impact An attacker may obtain a credential information from the log file. Solution Update the Application Update the application to the latest version according to the information...

PT-2023-6700 · Ibm · Ibm Spectrum Virtualize

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Virtualize versions 8.3 through 8.5 Description: The issue is related to the disclosure of SNMPv3 server credentials through log files. This could allow a remote attacker to gain unauthorized access to protected information. The...

Information Disclosure

ovirt is vulnerable to information disclosure. An attacker with sufficient privileges is able to read the log file due to plaintext password logging in the log file when using otapi-style...

PT-2023-15954 · Sap · Sap Bank Account Management

Name of the Vulnerable Software and Affected Versions: SAP Bank Account Management Manage Banks affected versions not specified Description: The issue concerns the disclosure of sensitive data in the SAP Bank Account Management Manage Banks application. When a user clicks a smart link to navigate...

EulerOS Virtualization 2.10.0 : kexec-tools (EulerOS-SA-2022-2907)

According to the versions of the kexec-tools package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read...

EulerOS Virtualization 2.10.1 : kexec-tools (EulerOS-SA-2022-2933)

According to the versions of the kexec-tools package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read...

CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request aka Forced Browsing...